Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Security advisories released detailing 4 of the bugs fixed in CPU July 2005"] [Next entry: "Computer World is also talking about CPU July 2005"]

ZDNet news talks about the Critical Patch Update 2005

I was browsing some news sites and found an article written by Renai LeMay for ZDNet Australia and published today 13 July 2005. The article is titled "Oracle update fixes security flaws". The short article mainly talks about the issued found by Stephen Kost of Integrigy Inc based in Chicago. He says that there are a number of high risk SQL Injection and parameter manipulation vulnerabilities in the E-Business Suite. Stephen added that it is possible for an attacker with only a browser internally or externally to execute malicious SQL statements as the APPS database user.